Analysis Notes

A place to jot down notes from analysing malware and anything that seemed likely to be useful for analysis. This site uses Google Analytics.

4n6 Week 13 – 2023 - MISCELLANEOUS

This entry was automatically generated and posted to show the opening lines of each article introduced in This Week in 4n6 (FourAndSix = Forensics), so that the articles worth checking can be skimmed quickly. 4n6 itself can be found here.

MISCELLANEOUS

Jessica Hyde from Hexordia on the Magnet Forensics blog

Hi, all! This is Jessica Hyde and I am so excited to share the winners from the Capture The Flag competition at Magnet Virtual Summit 2023, along with the challenges, community write-ups, and the next challenge! The February Magnet Virtual Summit 2023 CTF was another exciting competition. We had over 1250 people register for the CTF and 481 folks solve at least one question! We’re happy to announce the winners: First place: Spyros Moysiadis; Second place: Emily Weatherill; Third place: Madi Brumbelo...

SANS

Kevin Ripa: What is In a Name? In digital forensics, the highlights come from the cases where incident response teams have proven that the threat actors were caught red-handed. March 22, 2023. Celebrity draws us to the experience with attention and awe. First, we have our athletes who (it doesn’t matter the sport), when you listen to every postgame interview, invariably always indicate their success was derived from the team effort. Our ageless rockstars that showcase such talent always state i...

DFIR Origin Stories - Kat Hedley (SANS DFIR). Digital Forensics and Incident Response (DFIR) called to Kat Hedley as soon as she first entered the workforce. March 20, 2023. Configuring Where to Start: Starting a post-grad job but missing that spark to motivate you every day? For Kathryn (Kat) Hedley to find her spark, she knew a career shift was bound to happen soon. Digital Forensics and Incident Response (DFIR) called to her as soon as she first entered the workforc...

Shaun McCullough: Cloud Attacks and Threat Detections. SEC541 is a threat-driven class for the cloud. Learn how to build a detection engineering program for your organization. March 20, 2023. SEC541: Cloud Security Attacker Techniques, Monitoring, and Threat Detection now spans across 5 comprehensive sections. The course remains focused on providing in-depth case studies of cloud attacks, equipping learners with the ability to employ cloud services for investigating suspicious activities within the...

Eddie Bentley at Cado Security

Cassie Doemel at AboutDFIR

AboutDFIR Site Content Update 03/25/2023. By Cassie Doemel on March 25, 2023.
Tools & Artifacts – Windows – new entries added – BitComet & imo (Messenger)
Tools & Artifacts – Linux – new entries added – Image Mounting & Memory Acquisition
Tools & Artifacts – MacOS – new entry added – Safari
Tools & Artifacts – iOS – new entry added – Deleted Messages
Tool Testing – new entries added – Android 13 (x2)
Annual Reports – new entries added – FBI Internet Crime Report & Red Canary
Jobs – ol...

Forensic Focus

Christa Miller at Forensic Horizons

When I shared my previous article on LinkedIn, a couple of comments specifically responded to the points I’d raised about training: The prosecutors I spoke to are as self-taught on digital evidence as forensic examiners. Both of the commenters agreed that was their experience as well, and reflected the need for more common, prevalent training for prosecutors, with one ruefully reflecting that not much had actually changed in the last 20 years. Why ...

IntaForensics

Defence case reviews: the need for deeper digital investigation. 20 March 2023. Digital information is integral to many defence cases. But without the proper tools and skills to analyse it, defence teams could miss out on critical insights. That’s why independent case reviews are essential for defence teams looking to strengthen their clients’ cases. In this article, we explore the value case reviews can provide for defence teams and the best way to approach independent digital investigators. Why mor...

Mathius Fuchs at CyberFox

Welcome back. By Mat, posted on March 25, 2023. Welcome to the CyberFox blog on Digital Forensics and Incident Response! After a brief hiatus, I’m thrilled to announce that I’ve relaunched my blog with even more exciting features than before. In addition to my written posts, I’ll also be sharing tutorial and explanation videos, as well as live webcasts. My goal is to provide a comprehensive resource for digital forensics and incident response professionals, covering a wide range ...

Do we still need memory forensics today? By Mat, posted on March 25, 2023. One question that I get asked quite frequently is whether memory forensics is still valuable today. Now that most EDR solutions use some kind of memory capability to detect malware, what is the justification to still apply memory forensic techniques in our large scale incident response investigations? Obviously EDR tools do miss attacks. Even ransomware groups put a lot of effort into evading EDR detections. Tha...

Digit Oktavianto at MII Cyber Security

A Tale Story of Compromise Assessment — Part 1. Recently, a major cyber security incident occurred in many institutions in Indonesia, resulting in the loss of customer data and financial losses. This incident highlights the need for organizations to conduct regular compromise assessments and to ensure that their systems are secure and up-to-date with the latest security best practices. By conducting regular assessments, organizations can ensure that they are prepared to respond quickly and effecti...

Amber Schroader at Paraben Corporation

Written by Amber Schroader Many people discount the value of a good triage. Investigators try to go for all the data at once, which can be costly and unproductive. With the data gap of size gone between mobile and computer-related data, you can be forced to review Terabytes now without breaking a sweat. Triage and digital forensics are two related but distinct fields of digital investigation. Triage is the process of sorting and categorizing digital evidence based on its relevance and importance...

Seth Enoka

18 min read. Forensics, How-To, Incident Response. Introduction: It’s important to stay up to date with the latest knowledge and skills. I don’t think many would argue when I say, for cybersecurity training, SANS is the premier training organisation, and has been for some time. SANS offers opportunities for professionals at all career stages – from those just starting out, to those at the very late stages. They’re constantly adding new courses and certifications via GIAC, as can be seen in their...

Teri Radichel

CM.4 Conversion without exponentials. Part of a series on Cybersecurity Math. Please read the following posts first unless you are already familiar with these concepts: Why binary and hexadecimal are used with computers. Why that matters for cybersecurity. The relationship between binary, decimal, and hexadecimal. How to count in binary.

CM.5 Bits, bytes, and packet headers — starting with the ethernet header. Part of a series on Cybersecurity Math. Also, Network Security. In the last post I showed you how to convert hexadecimal to binary and decimal using a formula I found online years ago.